Executive Summary

In the article “The War Z Taken Offline Following Hack that Exposed User Passwords,” author Dan Goodin discusses the hack that affected 600,000 players. According to the article, the hackers were able to attack The War Z systems and gain access to users’ email addresses and passwords. Other personal information held in the forum and game databases, such as the IP addresses used to access the databases and anything that users posted themselves, was also exposed. The game's advisory panel was unsure as to the cause of the compromise. Members of the advisory panel for The War Z gave assurances that passwords were encrypted but did not mention whether a strong hash algorithm was used or whether cryptographic salt was added.

Analysis

Vulnerabilities in the system’s software design might have created an opening for hackers to attack, and once they had access, the hackers could easily crack the passwords because of recent advances in password cracking. As a result of these recent advances, users should create stronger and unique passwords to prevent information loss if there is a breach of security in the future. Stronger passwords of at least 10 characters, made up of numbers, letters, and symbols, should be used in the future to improve security. Reliable algorithms should be used to hash passwords instead of SHA1 and MD5. Security and platform weaknesses should be monitored, and systems updated regularly, to prevent future attacks.
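
As an added illustration of the hashing recommendation above (not code from the article or from The War Z), this Python example contrasts an unsalted MD5 digest with a salted PBKDF2-HMAC-SHA256 hash and shows why salt matters when a database is exposed. The account names, passwords, record format and iteration count are assumptions made for the example.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed work factor for this example; tune to your hardware


def weak_md5(password: str) -> str:
    """Unsalted fast hash: the weak form the analysis warns against."""
    return hashlib.md5(password.encode()).hexdigest()


def hash_password(password: str) -> str:
    """Salted PBKDF2-HMAC-SHA256; returns 'iterations$salt_hex$digest_hex'."""
    salt = os.urandom(16)  # fresh random salt per account
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"{ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and iteration count, compare in constant time."""
    try:
        iterations, salt_hex, digest_hex = stored.split("$")
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(digest_hex)
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, int(iterations))
    except ValueError:
        return False  # malformed record: treat as a failed login
    return hmac.compare_digest(candidate, expected)


def shared_digest_groups(records: dict) -> list:
    """Group users whose stored hashes are identical (password reuse visible in a dump)."""
    groups = {}
    for user, stored in records.items():
        groups.setdefault(stored, []).append(user)
    return [sorted(users) for users in groups.values() if len(users) > 1]


# Constructed sample accounts, not data from the breach.
SAMPLE = {"alice": "hunter2!", "bob": "hunter2!", "carol": "c0rrect-horse"}

if __name__ == "__main__":
    md5_table = {u: weak_md5(p) for u, p in SAMPLE.items()}
    kdf_table = {u: hash_password(p) for u, p in SAMPLE.items()}
    print("MD5 reuse visible:", shared_digest_groups(md5_table))
    print("PBKDF2 reuse visible:", shared_digest_groups(kdf_table))
```

With unsalted MD5, the two accounts that share a password store the same digest, so one cracked or looked-up value exposes both; with a per-account salt and a slow key-derivation function, every record must be attacked separately.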